prosze o sprawdzenie logów

**Posty:** 131 · przez **pisula** 08 Mar 2008, 04:23

bardzo,bardzo często zawiesza się przeglądarka

ComboFix 08-03-01.3 - BASIA 2008-03-08 3:16:21.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.552 [GMT 1:00]
Running from: C:\Downloads\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-02-08 to 2008-03-08 )))))))))))))))))))))))))))))))
.

2008-03-08 02:55 . 2008-03-08 02:55 577,536 --a------ C:\WINDOWS\system32\ac3filter.ax
2008-03-08 02:55 . 2008-03-08 02:55 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-03-07 02:33 . 2008-03-07 02:33 1,158 --a------ C:\WINDOWS\mozver.dat
2008-03-07 02:30 . 2008-03-07 02:30 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-06 03:07 . 2008-03-06 03:07 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-06 02:51 . 2008-03-06 10:19 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2008-03-05 14:20 . 2008-03-06 03:07 <DIR> d-------- C:\Program Files\Lavasoft
2008-03-05 14:20 . 2008-03-05 14:20 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-05 14:20 . 2008-03-05 14:21 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2008-03-02 14:20 . 2008-03-02 14:20 <DIR> d-------- C:\WINDOWS\ERUNT
2008-03-01 23:17 . 2008-03-01 23:17 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-01 15:34 . 2008-03-01 15:34 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-02-21 17:57 . 2008-02-21 18:27 <DIR> d-------- C:\Program Files\Odkurzacz
2008-02-21 17:42 . 2008-02-21 17:58 <DIR> d-------- C:\Program Files\Winamp
2008-02-21 17:42 . 2008-02-21 18:34 <DIR> d-------- C:\Documents and Settings\BASIA\Dane aplikacji\Winamp
2008-02-21 17:34 . 2008-02-21 17:34 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-02-20 21:28 . 2008-02-20 21:28 45 --a------ C:\WINDOWS\system32\initdebug.nfo
2008-02-10 11:29 . 2008-02-10 11:29 <DIR> d-------- C:\Program Files\Any Video Converter
2008-02-10 11:29 . 2008-02-15 21:26 <DIR> d-------- C:\Documents and Settings\BASIA\Dane aplikacji\Any Video Converter

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-08 01:55 892,928 ----a-w C:\WINDOWS\system32\iconv.dll
2008-03-08 01:53 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Spamihilator
2008-03-07 14:07 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\OpenOffice.org2
2008-03-07 02:17 --------- d-----w C:\Program Files\eMule
2008-03-07 02:17 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\skypePM
2008-03-06 02:05 --------- d-----w C:\Program Files\Lx_cats
2008-03-05 13:15 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-03-05 01:38 --------- d-----w C:\Program Files\SkanerOnline
2008-02-27 17:49 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Skype
2008-02-21 17:19 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-02-21 17:13 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-21 17:13 --------- d-----w C:\Program Files\Spamihilator
2008-02-21 17:13 --------- d-----w C:\Program Files\NAPI-PROJEKT
2008-02-21 17:13 --------- d-----w C:\Program Files\BitComet
2008-02-21 16:46 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-10 09:05 --------- d-----w C:\Program Files\123 DVD Clone
2008-02-04 18:31 --------- d-----w C:\Program Files\Cobra 11 - Crash Time
2008-02-03 17:58 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\dvdcss
2008-02-02 21:01 --------- d-----w C:\Program Files\Super Clone DVD
2008-02-02 19:50 --------- d-----w C:\Program Files\Elaborate Bytes
2008-02-02 19:45 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Elaborate Bytes
2008-02-01 15:17 278,728 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-02-01 15:17 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2008-02-01 14:55 --------- d-----w C:\Program Files\DAEMON Tools Pro
2008-02-01 14:55 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Pro
2008-02-01 14:39 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\DAEMON Tools Pro
2008-02-01 10:33 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-01-29 19:57 --------- d-----w C:\Program Files\PITy
2008-01-29 18:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-29 18:27 --------- d-----w C:\Program Files\Team17
2008-01-29 10:46 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Zen Puzzle Garden
2008-01-27 16:55 --------- d-----w C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-01-26 16:58 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-01-26 16:21 --------- d-----w C:\Program Files\CCleaner
2008-01-26 09:55 --------- d-----w C:\Program Files\Common Files\Ahead
2008-01-24 01:14 --------- d-----w C:\Program Files\Gadu-Gadu
2008-01-23 21:49 --------- d-----w C:\Program Files\Common Files\Onet.pl
2008-01-23 21:40 --------- d-----w C:\Program Files\Onet
2008-01-23 21:40 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Kamerzysta
2008-01-23 21:40 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Czat
2008-01-23 21:40 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\AutoUpdate
2008-01-23 16:25 --------- d-----w C:\Program Files\XP Codec Pack
2008-01-23 15:44 43,698 ----a-w C:\WINDOWS\system32\xvid-uninstall.exe
2008-01-23 15:43 --------- d-----w C:\Program Files\AviSynth 2.5
2008-01-22 21:49 --------- d-----w C:\Program Files\Network Stumbler
2008-01-22 20:59 740,442 ----a-w C:\WINDOWS\system32\DivX.dll
2008-01-22 14:18 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Media Player Classic
2008-01-22 12:49 --------- d-----w C:\Program Files\DivX
2008-01-15 17:42 --------- d-----w C:\Program Files\Debugging Tools for Windows
2008-01-13 13:04 --------- d-----w C:\Program Files\JLC's Software
2008-01-13 13:04 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\JLC's Software
2008-01-12 15:29 --------- d-----w C:\Program Files\Audio Manager 3
2008-01-10 09:47 --------- d-----w C:\Program Files\Electronic Arts
2008-01-01 19:13 122,880 ----a-w C:\WINDOWS\system32\libmpeg2_ff.dll
2008-01-01 19:11 56,320 ----a-w C:\WINDOWS\system32\ff_unrar.dll
2008-01-01 19:11 397,312 ----a-w C:\WINDOWS\system32\ff_libfaad2.dll
2008-01-01 19:11 167,936 ----a-w C:\WINDOWS\system32\ff_libdts.dll
2008-01-01 19:11 143,360 ----a-w C:\WINDOWS\system32\ff_libmad.dll
2008-01-01 19:11 118,784 ----a-w C:\WINDOWS\system32\ff_realaac.dll
2008-01-01 19:11 102,912 ----a-w C:\WINDOWS\system32\ff_tremor.dll
2008-01-01 19:10 79,360 ----a-w C:\WINDOWS\system32\mkzlib.dll
2008-01-01 19:10 54,784 ----a-w C:\WINDOWS\system32\ff_liba52.dll
2008-01-01 19:10 23,552 ----a-w C:\WINDOWS\system32\mkunicode.dll
2008-01-01 19:10 167,936 ----a-w C:\WINDOWS\system32\ts.dll
2008-01-01 19:10 151,040 ----a-w C:\WINDOWS\system32\mkx.dll
2008-01-01 19:10 142,848 ----a-w C:\WINDOWS\system32\mp4.dll
2008-01-01 19:10 123,392 ----a-w C:\WINDOWS\system32\ogm.dll
2008-01-01 19:10 110,592 ----a-w C:\WINDOWS\system32\avi.dll
2007-12-24 21:01 921,600 ----a-w C:\WINDOWS\system32\vorbisenc.dll
2007-12-24 21:01 9,216 ----a-w C:\WINDOWS\system32\cpuinf32.dll
2007-12-24 21:01 45,056 ----a-w C:\WINDOWS\system32\ogg.dll
2007-12-24 21:01 245,760 ----a-w C:\WINDOWS\system32\mplvpx.dll
2007-12-24 21:01 237,568 ----a-w C:\WINDOWS\system32\OggDS.dll
2007-12-24 21:01 188,416 ----a-w C:\WINDOWS\system32\vorbis.dll
2007-12-24 21:01 1,559,040 ----a-w C:\WINDOWS\system32\xvidcore.dll
2007-12-24 21:01 1,415,680 ----a-w C:\WINDOWS\system32\WMV9VCM.dll
2007-12-16 16:19 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
2007-12-16 13:48 315,392 ----a-w C:\WINDOWS\HideWin.exe
2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-10-14 10:37 110592]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-28 12:05 8429568]
"nwiz"="nwiz.exe" [2007-04-28 12:05 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-28 12:05 81920]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-08 09:21 16125952 C:\WINDOWS\RTHDCPL.exe]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-29 11:22 638976]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Spamihilator"="C:\Program Files\Spamihilator\spamihilator.exe" [2007-08-17 16:24 716800]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 13:02 786521]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"LXCECATS"="C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll" [2005-07-20 14:46 73728]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^BASIA^Menu Start^Programy^Autostart^OpenOffice.org 2.3.lnk]
path=C:\Documents and Settings\BASIA\Menu Start\Programy\Autostart\OpenOffice.org 2.3.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.3.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
--a------ 2005-07-26 13:17 94208 C:\Program Files\Lexmark 4300 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
--a------ 2005-07-12 10:36 299008 C:\Program Files\Lexmark Fax Solutions\fm3032.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
--a------ 2007-12-04 18:01 214456 C:\Program Files\IncrediMail\bin\IncMail.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcemon.exe]
--a------ 2005-08-02 18:47 192512 C:\Program Files\Lexmark 4300 Series\lxcemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
--a------ 2007-10-09 13:42 475180 C:\PROGRA~1\Magentic\bin\Magentic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 15:57 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Onet.pl AutoUpdate]
--a------ 2005-07-27 10:59 260096 C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-r------- 2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Spamihilator\\dccproc.exe"=
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\Program Files\\Team17\\Worms World Party\\Wwp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15284:TCP"= 15284:TCP:BitComet 15284 TCP
"15284:UDP"= 15284:UDP:BitComet 15284 UDP

R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;C:\WINDOWS\System32\StkCSrv.exe [2007-02-07 11:44]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-21 12:19]
R3 StkCMini;Syntek AVStream USB2.0 2M WebCam;C:\WINDOWS\system32\Drivers\StkCMini.sys [2007-02-13 05:41]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\NSNDIS5.SYS [2004-03-24 03:12]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c00f1b7-ce57-11dc-a64c-001d60e714e0}]
\Shell\AutoRun\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4df9d31-ac0b-11dc-a5ea-0013e8bff85d}]
\Shell\AutoRun\command - H:\USBNB.exe

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-08 03:18:33
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCECATS = rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-08 3:18:57
.
2008-02-13 18:54:37 --- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:23:07, on 2008-03-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\StkCSrv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania Onet.pl) - http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1198270239156
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe

--
End of file - 8115 bytes

**Posty:** 18165 · przez **wojtas** 08 Mar 2008, 12:33

czysto

**Posty:** 65 · przez **Avenger** 08 Mar 2008, 13:53

Otwórz notatnik i wklej w nim to :

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c00f1b7-ce57-11dc-a64c-001d60e714e0}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4df9d31-ac0b-11dc-a5ea-0013e8bff85d}]

plik>zapisz jako...>zmień rozszerzenie na: wszystkie pliki> zapisz pod nazwą FIX.REG. Opalasz plik FIX.REG w trybie awaryjnym i wyłączonym przywracaniem systemu. Potem dajesz nowy log z combofix

**Posty:** 131 · przez **pisula** 08 Mar 2008, 16:20

nie mogę dodać wpisu do rejestru,wyskauje komunikat ze nie można zaimportować .......określony plik nie jest skryptem rejestru

**Posty:** 18165 · przez **wojtas** 08 Mar 2008, 19:59

a wklej:

REGEDIT 4

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c00f1b7-ce57-11dc-a64c-001d60e714e0}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4df9d31-ac0b-11dc-a5ea-0013e8bff85d}]

**Posty:** 131 · przez **pisula** 09 Mar 2008, 03:19

ok,udało się dodać wpis,poniżej nowy log.....a problem dalej występuje

ComboFix 08-03-01.3 - BASIA 2008-03-09 2:06:33.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.589 [GMT 1:00]
Running from: C:\Downloads\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-02-09 to 2008-03-09 )))))))))))))))))))))))))))))))
.

2008-03-08 02:55 . 2008-03-08 02:55 577,536 --a------ C:\WINDOWS\system32\ac3filter.ax
2008-03-08 02:55 . 2008-03-08 02:55 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-03-07 02:33 . 2008-03-07 02:33 1,158 --a------ C:\WINDOWS\mozver.dat
2008-03-07 02:30 . 2008-03-07 02:30 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-06 03:07 . 2008-03-06 03:07 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-06 02:51 . 2008-03-06 10:19 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2008-03-05 14:20 . 2008-03-06 03:07 <DIR> d-------- C:\Program Files\Lavasoft
2008-03-05 14:20 . 2008-03-05 14:20 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-05 14:20 . 2008-03-05 14:21 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2008-03-02 14:20 . 2008-03-02 14:20 <DIR> d-------- C:\WINDOWS\ERUNT
2008-03-01 23:17 . 2008-03-01 23:17 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-01 15:34 . 2008-03-01 15:34 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-02-21 17:57 . 2008-02-21 18:27 <DIR> d-------- C:\Program Files\Odkurzacz
2008-02-21 17:42 . 2008-02-21 17:58 <DIR> d-------- C:\Program Files\Winamp
2008-02-21 17:42 . 2008-02-21 18:34 <DIR> d-------- C:\Documents and Settings\BASIA\Dane aplikacji\Winamp
2008-02-21 17:34 . 2008-02-21 17:34 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-02-20 21:28 . 2008-02-20 21:28 45 --a------ C:\WINDOWS\system32\initdebug.nfo
2008-02-10 11:29 . 2008-02-10 11:29 <DIR> d-------- C:\Program Files\Any Video Converter
2008-02-10 11:29 . 2008-02-15 21:26 <DIR> d-------- C:\Documents and Settings\BASIA\Dane aplikacji\Any Video Converter

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-09 00:47 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Spamihilator
2008-03-08 01:55 892,928 ----a-w C:\WINDOWS\system32\iconv.dll
2008-03-07 14:07 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\OpenOffice.org2
2008-03-07 02:17 --------- d-----w C:\Program Files\eMule
2008-03-07 02:17 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\skypePM
2008-03-06 02:05 --------- d-----w C:\Program Files\Lx_cats
2008-03-05 13:15 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-03-05 01:38 --------- d-----w C:\Program Files\SkanerOnline
2008-02-27 17:49 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Skype
2008-02-21 17:19 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-02-21 17:13 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-21 17:13 --------- d-----w C:\Program Files\Spamihilator
2008-02-21 17:13 --------- d-----w C:\Program Files\NAPI-PROJEKT
2008-02-21 17:13 --------- d-----w C:\Program Files\BitComet
2008-02-21 16:46 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-10 09:05 --------- d-----w C:\Program Files\123 DVD Clone
2008-02-04 18:31 --------- d-----w C:\Program Files\Cobra 11 - Crash Time
2008-02-03 17:58 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\dvdcss
2008-02-02 21:01 --------- d-----w C:\Program Files\Super Clone DVD
2008-02-02 19:50 --------- d-----w C:\Program Files\Elaborate Bytes
2008-02-02 19:45 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Elaborate Bytes
2008-02-01 15:17 278,728 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-02-01 15:17 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2008-02-01 14:55 --------- d-----w C:\Program Files\DAEMON Tools Pro
2008-02-01 14:55 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Pro
2008-02-01 14:39 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\DAEMON Tools Pro
2008-02-01 10:33 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-01-29 19:57 --------- d-----w C:\Program Files\PITy
2008-01-29 18:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-29 18:27 --------- d-----w C:\Program Files\Team17
2008-01-29 10:46 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Zen Puzzle Garden
2008-01-27 16:55 --------- d-----w C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-01-26 16:58 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-01-26 16:21 --------- d-----w C:\Program Files\CCleaner
2008-01-26 09:55 --------- d-----w C:\Program Files\Common Files\Ahead
2008-01-24 01:14 --------- d-----w C:\Program Files\Gadu-Gadu
2008-01-23 21:49 --------- d-----w C:\Program Files\Common Files\Onet.pl
2008-01-23 21:40 --------- d-----w C:\Program Files\Onet
2008-01-23 21:40 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Kamerzysta
2008-01-23 21:40 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Czat
2008-01-23 21:40 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\AutoUpdate
2008-01-23 16:25 --------- d-----w C:\Program Files\XP Codec Pack
2008-01-23 15:44 43,698 ----a-w C:\WINDOWS\system32\xvid-uninstall.exe
2008-01-23 15:43 --------- d-----w C:\Program Files\AviSynth 2.5
2008-01-22 21:49 --------- d-----w C:\Program Files\Network Stumbler
2008-01-22 20:59 740,442 ----a-w C:\WINDOWS\system32\DivX.dll
2008-01-22 14:18 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\Media Player Classic
2008-01-22 12:49 --------- d-----w C:\Program Files\DivX
2008-01-15 17:42 --------- d-----w C:\Program Files\Debugging Tools for Windows
2008-01-13 13:04 --------- d-----w C:\Program Files\JLC's Software
2008-01-13 13:04 --------- d-----w C:\Documents and Settings\BASIA\Dane aplikacji\JLC's Software
2008-01-12 15:29 --------- d-----w C:\Program Files\Audio Manager 3
2008-01-10 09:47 --------- d-----w C:\Program Files\Electronic Arts
2008-01-01 19:13 122,880 ----a-w C:\WINDOWS\system32\libmpeg2_ff.dll
2008-01-01 19:11 56,320 ----a-w C:\WINDOWS\system32\ff_unrar.dll
2008-01-01 19:11 397,312 ----a-w C:\WINDOWS\system32\ff_libfaad2.dll
2008-01-01 19:11 167,936 ----a-w C:\WINDOWS\system32\ff_libdts.dll
2008-01-01 19:11 143,360 ----a-w C:\WINDOWS\system32\ff_libmad.dll
2008-01-01 19:11 118,784 ----a-w C:\WINDOWS\system32\ff_realaac.dll
2008-01-01 19:11 102,912 ----a-w C:\WINDOWS\system32\ff_tremor.dll
2008-01-01 19:10 79,360 ----a-w C:\WINDOWS\system32\mkzlib.dll
2008-01-01 19:10 54,784 ----a-w C:\WINDOWS\system32\ff_liba52.dll
2008-01-01 19:10 23,552 ----a-w C:\WINDOWS\system32\mkunicode.dll
2008-01-01 19:10 167,936 ----a-w C:\WINDOWS\system32\ts.dll
2008-01-01 19:10 151,040 ----a-w C:\WINDOWS\system32\mkx.dll
2008-01-01 19:10 142,848 ----a-w C:\WINDOWS\system32\mp4.dll
2008-01-01 19:10 123,392 ----a-w C:\WINDOWS\system32\ogm.dll
2008-01-01 19:10 110,592 ----a-w C:\WINDOWS\system32\avi.dll
2007-12-24 21:01 921,600 ----a-w C:\WINDOWS\system32\vorbisenc.dll
2007-12-24 21:01 9,216 ----a-w C:\WINDOWS\system32\cpuinf32.dll
2007-12-24 21:01 45,056 ----a-w C:\WINDOWS\system32\ogg.dll
2007-12-24 21:01 245,760 ----a-w C:\WINDOWS\system32\mplvpx.dll
2007-12-24 21:01 237,568 ----a-w C:\WINDOWS\system32\OggDS.dll
2007-12-24 21:01 188,416 ----a-w C:\WINDOWS\system32\vorbis.dll
2007-12-24 21:01 1,559,040 ----a-w C:\WINDOWS\system32\xvidcore.dll
2007-12-24 21:01 1,415,680 ----a-w C:\WINDOWS\system32\WMV9VCM.dll
2007-12-16 16:19 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
2007-12-16 13:48 315,392 ----a-w C:\WINDOWS\HideWin.exe
2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-10-14 10:37 110592]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-28 12:05 8429568]
"nwiz"="nwiz.exe" [2007-04-28 12:05 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-28 12:05 81920]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-08 09:21 16125952 C:\WINDOWS\RTHDCPL.exe]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-29 11:22 638976]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Spamihilator"="C:\Program Files\Spamihilator\spamihilator.exe" [2007-08-17 16:24 716800]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 13:02 786521]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"LXCECATS"="C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll" [2005-07-20 14:46 73728]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^BASIA^Menu Start^Programy^Autostart^OpenOffice.org 2.3.lnk]
path=C:\Documents and Settings\BASIA\Menu Start\Programy\Autostart\OpenOffice.org 2.3.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.3.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
--a------ 2005-07-26 13:17 94208 C:\Program Files\Lexmark 4300 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
--a------ 2005-07-12 10:36 299008 C:\Program Files\Lexmark Fax Solutions\fm3032.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
--a------ 2007-12-04 18:01 214456 C:\Program Files\IncrediMail\bin\IncMail.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcemon.exe]
--a------ 2005-08-02 18:47 192512 C:\Program Files\Lexmark 4300 Series\lxcemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
--a------ 2007-10-09 13:42 475180 C:\PROGRA~1\Magentic\bin\Magentic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 15:57 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Onet.pl AutoUpdate]
--a------ 2005-07-27 10:59 260096 C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-r------- 2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Spamihilator\\dccproc.exe"=
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\Program Files\\Team17\\Worms World Party\\Wwp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15284:TCP"= 15284:TCP:BitComet 15284 TCP
"15284:UDP"= 15284:UDP:BitComet 15284 UDP

R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;C:\WINDOWS\System32\StkCSrv.exe [2007-02-07 11:44]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-21 12:19]
R3 StkCMini;Syntek AVStream USB2.0 2M WebCam;C:\WINDOWS\system32\Drivers\StkCMini.sys [2007-02-13 05:41]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\NSNDIS5.SYS [2004-03-24 03:12]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-09 02:08:39
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCECATS = rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-09 2:09:12
.
2008-02-13 18:54:37 --- E O F ---

**Posty:** 18165 · przez **wojtas** 09 Mar 2008, 12:18

czysto

to nie wina wirusów

**Posty:** 131 · przez **pisula** 09 Mar 2008, 13:25

uff,jest to jakieś pocieszenie;)
co może być przyczyną?jakś program?
nie wiem czy to ważne ale filmy odtwarzane w windows media player są niebieskie tzn twarze są sine

**Posty:** 3854 · przez **Dzi@dek** 09 Mar 2008, 13:35

Może nie masz odpowiednich sterów do grafy.
Ale to juz nie ten dział.

**Posty:** 131 · przez **pisula** 09 Mar 2008, 21:46

przeinstalowałem "grafe" jak narazie wszystko gra...dzięki

prosze o sprawdzenie logów

prosze o sprawdzenie logów

Kto jest na forum